A Bit of everything: 0days, Breaches, Lawsuits, Attacking AI, and some insecure
Day[0] - A podcast by dayzerosec
Categorie:
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])
- [00:05:23] Apple v. Corellium
- [00:12:04] Firefox to Discontinue Sideloaded Extensions
- [00:16:52] Delegated Credentials for TLS
- [00:23:02] North Korean Malware Found on Indian Nuclear Plant's Network
- [00:28:20] The Pirate Bay Downtime Caused by Malicious Search Queries
- [00:29:30] Web.com Breach (allegedly includes NetworkSolutions.com and Register.com)
- [00:32:28] BlueKeep attacks are happening, but it's not a worm
- https://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/
- [00:36:13] Untitled Goose Game - Insecure Deserialization
- [00:39:58] Two Chrome 0Days get Patched
- [00:42:45] NFC Beaming Bypasses Security Controls in Android [CVE-2019-2114]
- [00:45:43] Abusing HTTP Hop-by-hop Request Headers
- [00:50:54] Let's Make Windows Defender Angry: Antivirus Can be an Oracle! -icchy
- https://en.wikipedia.org/wiki/EICAR_test_file
- [00:56:54] rConfig v3.9.2 authenticated and unauthenticated RCE (CVE-2019-16663) and (CVE-2019-16662)
- [01:02:26] Making an Invisibility Cloak: Real World Adversarial Attacks on Object Detectors
- [01:07:26] Silhouette: Efficient Intra-Address Space Isolation for Protected Shadow Stacks on Embedded Systems
- [01:19:46] unfork(2)
- [01:23:51] Destroying x86_64 instruction decoders with differential fuzzing
- https://github.com/zyantific/zydis